Here’s one that’s good for a laugh. This ‘LowVoltage’ guy sounds pretty evil. Shew!
The ‘Low Voltage’ hackers
He runs with the name “Low Voltage” and is the don of South Africa’s underground movement of techno trouble-stirrers who could, with the click of a mouse, cause your company to fall into the 90% bracket of enterprises which will suffer significant financial loss by 2005 through breaches in security.
Delegates attending a presentation on computer hackers, hosted by the KwaZulu-Natal branch of the Institute of Directors, in Durban on Wednesday, were told there was a huge hacking community in South Africa run by someone who calls himself “Low Voltage”.
This information – along with other shocking statistics – was released by Pragasen Morgan, assistant manager of Global Risk Management Solutions, a security division of PricewaterhouseCoopers.
“They meet regularly in Johannesburg to share information, programs and secrets as well as methods and passwords for hacking into certain systems. They work together to overcome different types of security measures,” said Morgan.
Although Morgan couldn’t give any more details on the dark dealings of this group, he did say that there were a number of local “vendors” from whom you could easily pick up the tools for hacking.
“At the end of last year hacking activity increased by 40% worldwide. Hacking among South African corporations is on the increase, but companies won’t talk about it because they run the risk of being branded an unsafe company.
“For example, in financial institutions people would fear leaving their money or information with a company that has been hacked.
“There are a number of local sites where programs can be downloaded, and there are even more advanced international sites which I’d rather not mention because the information available is far too dangerous for people to get hold of,” he said.
You H4ve B33n H4cked (you have been hacked) is just one example of a less vulgar slap-in-the-face reminder that may be left behind after a hacker has had his way with your system.
Morgan said hackers did what they did more for a challenge and very rarely to hold a company to ransom.
“They are in it for the fame and glory, the tougher the security system the bigger the chip on his shoulder.
“August 1 to 19 this year was tabled as the worst period for viruses spread with more financial loss in this week than on September 11 and this is because in that week there was a worldwide hacking competition.
“Other reasons for hacks could be competitors who approach hackers for inside info or disgruntled employees,” he said.
As if having a dark underworld prowling your space isn’t enough, according to PricewaterhouseCooper global statistics, companies need to be wary of an art-of-war type of situation in which the enemy may very well be within your quarters.
Said Morgan: “More than 55% of hacks happen by authorised employees. From a threat point of view the employee poses the greatest threat in hacking. Not only do they know your networks and passwords but they often open e-mails with viruses and spread them.
“The most common form of hacking is through viruses via e-mail spread to cripple a network and hacking into web pages, where they are defaced, leading to major losses in revenue.
“An example of this was a major retail client that we dealt with where an employee hacked into the company’s system resulting in a day-long down time at the cost of around R1 million,” said Morgan.
He said that since the introduction of Windows in the late 1980s, there was an increase in vulnerability.
“Companies need to constantly update their security systems and step up on staff awareness. On a number of social engineered techniques for clients we’ve managed to enter major organisations posing as repair men or cleaners or even just plain suits blending with the environment.
“We then access a computer and get into their network. In most cases you are not stopped if you look confident and like you fit in.
“It’s also very easy to hack in to a system through a home-made wireless mechanism. We were able to construct one of these using some information we got off the net.”
Bala Naidoo, Director of Communi-cations for the South African Police Service in KwaZulu-Natal, said: “We are not aware of this hacking community and if any information regarding this is brought forward we will investigate it.
“So far in Durban we’ve dealt with about 52 cases of internet banking fraud and have no hacking cases reported. We investigate these cases through our commercial crime unit which has the expertise to
handle this,” he said.